package MyApp::Controller::Login;
use Mojo::Base 'Mojolicious::Controller';
use Mojo::Util 'secure_compare';
use Workflow::Factory qw( FACTORY );


sub index {
	##########################
	#原系统登录方法，现在无用了
	##########################
	my $self = shift;

	my $user = $self->param('user') || '';
	my $pass = $self->param('pass') || '';
	return $self->render unless $self->users->check($user, $pass);

	#return $self->redirect_to('/login.html') unless $self->users->check($user, $pass);

	$self->session(user => $user);
	$self->flash(message => 'Thanks for logging in.');
	$self->redirect_to('protected');
}


sub loginquest {
	##########################
	#系统登录方法
	#前端登录页axios的JSON查询接口
	##########################
	my $self = shift;

	#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	#$self->res->headers->access_control_allow_origin('*'); #测试代码，上线前删除
	#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

	my $user = $self->param('user')|| '';
	my $pass = $self->param('pass') || '';
	my $db = $self->mysql->db;

	my $right_pass = $db->query('select password from admin_account where username=?',$user)->array->[0];

	return $self->render(json => { permition => 0 }) unless $right_pass && secure_compare $right_pass, $pass;

	$self->session(user => $user);
	$self->render(json => { permition => 1 });
}


sub logged_in {
	#################################
	#under判断条件
	#################################
	my $self = shift;
	return 1 if $self->session('user');
	$self->redirect_to('index');
	return undef;
}

sub is_admin {
	#################################
	#under判断条件
	#################################
	my $self = shift;
	return 1 if $self->session('user') =~ /^admin$/;
	$self->redirect_to('home');
	return undef;
}


sub getloggedpermition {
	##################################
	#登录页“关于”页的权限查询接口
	#axios的JSON接口
	##################################
	my $self = shift;

	#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	#$self->res->headers->access_control_allow_origin('*'); #测试代码，上线前删除
	#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

	#下行为测试行
	#my $username = $self->param('user') || '';
	my $username = $self->session('user') || '';
	my $db = $self->mysql->db;

	my $role = $db->query('select adminrole from admin_account where username=?',$username)->array->[0];

	return $self->render(json => { permition => 0, role => $role }) unless $role && secure_compare $role,"manager";
	return $self->render(json => { permition => 1, role => $role });
}


sub getrole {
	#######################################################
	#用户角色查询接口
	#axios的JSON接口
	#用于返回用户角色，vue-router根据用户角色确定addroutes方法需要
	#加载的页面路由
	#######################################################
	my $self = shift;

	#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	#$self->res->headers->access_control_allow_origin('*'); #测试代码，上线前删除
	#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

	#下行为测试行
	#my $username = 'admin';#此为测试应用复制方法。
	my $username = $self->session('user');#此为正式应用的赋值方法。

	my $db = $self->mysql->db;

	my $role = $db->query('select adminrole from admin_account where username=?',$username)->array->[0];

	#my $role = "manager";

	return $self->render(json => { role => $role });
}


sub logged_in_role {
	####################################################
	#!!!!!!
	#用户权限判断页后期开发计划如下：
	#1.增加JSON返回接口，用axios发出查询后，通过JSON返回数据，
	#  增加返回{permition => 1/0}，其中返回“1”，应在实际数据
	#  中返回{permition => 1, data => $hash} （“$hash”为
	#  对应数据的散列）。
	####################################################
	my $self = shift;
	my $username = $self->session('user');
	my $db = $self->mysql->db;
	my $role = $db->query('select adminrole from admin_account where username=?',$username)->array->[0];
	if ($role && secure_compare $role, 'manager'){
		return 1;
	}else{
		return undef;
	}
}


sub logout {
	#######################################
	#用户退出功能
	#######################################
	my $self = shift;
	$self->session(expires => 1);
	$self->redirect_to('index');
}

1;